我对如何生成对https URL的请求并使用证书进行身份验证感到困惑。
当我尝试在浏览器中导航到该网址时,我收到错误消息( 403访问被拒绝)。一旦我安装了 PFX 证书(请求密码),我就能够访问该服务。
我从这些链接开始,并采用我认为正确的方式进行调整
附注:您将看到以下带有扩展名.cer的证书。我从浏览器导出上述证书,然后将其安装在计算机>个人商店(请参阅下面的MS链接)。
http://www.codeproject.com/Articles/28395/Attaching-a-digital-certificate-public-key-to-an-H https://support.microsoft.com/en-us/kb/895971
HttpWebRequest ThisReq = System.Net.WebRequest.Create("https://site/service");
ThisReq.Method = "POST";
ThisReq.ContentType = "application/xml";
ThisReq.KeepAlive = true;
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
// Dont know if i need the below handler at this stage
//ServicePointManager.ServerCertificateValidationCallback += new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
ThisReq.Credentials = new NetworkCredential("user", "password1");
ThisReq.ClientCertificates.Clear();
ThisReq.ClientCertificates.Add(X509Certificate.CreateFromCertFile(@"D:\cert.cer"));
try
{
Resp = (System.Net.HttpResp)ThisReq.GetResponse();
}
catch (Exception we)
{
}
一旦执行Resp = (System.Net.HttpResp)ThisReq.GetResponse();,我就会在catch块中收到403错误。我尝试在Fiddler中查看请求,但从我能说的内容中没有任何明显的信息。
我已经留下了一些代码(比如读取XML文件并传入字节/内容长度),因为它抛出了其他错误 - 如果有任何需要,我可以重新包含它。
任何有助于此工作的帮助或示例都会很棒。
编辑1:
Ipconfig结果
Windows IP Configuration
Host Name . . . . . . . . . . . . : Win10Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 3C-A9-F4-3F-DA-B9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Intel(R) Centrino(R) Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 3C-A9-F4-3F-DA-B8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2a02:c7f:9809:b700:611c:8e4e:f3f8:9c2c(Preferred)
IPv6 Address. . . . . . . . . . . : fd7a:709e:7e57:0:611c:8e4e:f3f8:9c2c(Preferred)
Temporary IPv6 Address. . . . . . : 2a02:c7f:9809:b700:653a:bde5:11f7:235b(Preferred)
Temporary IPv6 Address. . . . . . : fd7a:709e:7e57:0:1d7c:4f97:c2a3:3208(Preferred)
Link-local IPv6 Address . . . . . : fe80::611c:8e4e:f3f8:9c2c%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.17(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 02 June 2016 09:03:44
Lease Expires . . . . . . . . . . : 03 June 2016 17:20:50
Default Gateway . . . . . . . . . : fe80::c23e:fff:fe78:a48%16
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 121416180
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-4B-53-1D-F0-1F-AF-22-85-6C
DNS Servers . . . . . . . . . . . : fd7a:709e:7e57:0:c23e:fff:fe78:a48
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.Home:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:1457:1b0b:681e:6e47(Preferred)
Link-local IPv6 Address . . . . . : fe80::1457:1b0b:681e:6e47%18(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 201326592
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-4B-53-1D-F0-1F-AF-22-85-6C
NetBIOS over Tcpip. . . . . . . . : Disabled